Uncertainty: Security in the IoT era
Intel Security’s CTO in APAC, Michael Sentonas observed that having Intel as a parent company gives them an interesting perspective on security. “We’re unique, due to fact we can bring together the tech, the security and the expertise in a way that not many other companies have ability to do.”
With all the different components of the ecosystem; different moving parts that need to align; one thing is for certain: security by design is crucial. This is especially so now that the Internet of Things (IoT) and all the needed sensors are being sent out into the world.
Sentonas said, “It is important to have capability built into the hardware itself. If you deploy all the technology like smart meters, smart fridges and so on, it is hard to go back and try to retrofit it. That is a challenge financially and logistically.”
No doubt, the upcoming Internet of Things era poses a very unique and interesting challenge. Sentonas shared that Intel spends a lot of time researching into this area, and one thing is absolutely clear. “You need to take into consideration various number of things like hardware, security, privacy and protecting information on the devices, and information in transit.”
Every IoT device is an endpoint, so there has to be security built into it.
But the unique challenge is that these endpoint devices, may not have operating systems or the components we are used to seeing on computers and mobile computing devices. Instead, these are very purpose-built function devices.
Sentonas said, “We have engineered technology in this space already, with an Intel IoT gateway. This is a combination of hardware and security from Intel security and Windriver. It enables IoT devices and even SCADA (supervisory control and data acquisition) devices onto the Internet.”
Even cars are now security risks. Almost as indispensable as the mobile phone, every car manufacturer, and then some, are working towards building vehicles that could reduce road casualties.
Sentonas said, “Google is pioneering it, Apple is talking about the electric car, Audi and more are working in that space. The need to do security is important. What we want to do is make sure all aspects are taken into consideration.
Not many people know where the technology is going towards, but it is developing, maturing, evolving. What there is today, and what comes in 2020, will be radically different.”
Needless to say, it is hard to anticipate what scenarios and the possible security risks would arise.
Already the modern car of today is built with every consideration so that drivers can experience automation and convenience. “There are about 100 processors on board, not to the extent like a driverless car, but it enables features like cruise control, auto-braking, driver assist and more,” said Sentonas.
As a result of all that tech and intelligence, there are already examples of hackers compromising vehicles – last August, the Jeep Cherokee was hacked into, so that it could be remotely controlled.
The APAC CTO observed, “What happened to Jeep was a good wake up call. People have talked about security risks theoretically for the past 5 to 7 years.”
He also added that Intel has a long history of work in this area, working on technologies with a number of different manufacturers from Honda, BMW, Ford, and so on, that can protect these cars information and infotainment systems.
The challenge however, has been that car makers haven’t thought about securing cars yet, instead being more occupied about the right way to build other technologies like GPS, into the vehicle.
Intel has made good headway however, having produced a customised version of their app control, that only allows specific apps to run with very low memory footprint. This is something that would be very useful as more and more endpoint devices become connected to the Internet.
“Intel as our parent company, is building a lot of technology. Our opportunity is to explore where we can add the security,” Sentonas concluded.